From: Dimitri John Ledkov
To: Herbert Xu, "David S. Miller"
Cc: smueller@chronox.de, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v2 1/4] crypto: drbg - ensure most preferred type is FIPS health checked
Date: Mon, 30 Oct 2023 14:05:13 +0200
Message-Id: <20231030120517.39424-2-dimitri.ledkov@canonical.com>
In-Reply-To: <20231030120517.39424-1-dimitri.ledkov@canonical.com>
References: <20231029204823.663930-1-dimitri.ledkov@canonical.com> <20231030120517.39424-1-dimitri.ledkov@canonical.com>

drbg supports multiple types of drbg, and multiple parameters of each. Health check sanity only checks one drbg of a single type. One can enable all three types of drbg. And instead of checking the most preferred algorithm (last one wins), it is currently checking the first one instead.

Update ifdef to ensure that healthcheck prefers HMAC, over HASH, over CTR, last one wins, like all other code and functions.

This patch updates code from 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit Generator"), but is not interesting to cherry-pick for stable updates, because it doesn't affect regular builds, nor has any tangible effect on FIPS certification.

Signed-off-by: Dimitri John Ledkov Reviewed-by: Stephan Mueller --- crypto/drbg.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index ff4ebbc68e..2cce18dcfc 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c 
@@ -2018,9 +2018,11 @@ static inline int __init drbg_healthcheck_sanity(void) #ifdef CONFIG_CRYPTO_DRBG_CTR drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr); -#elif defined CONFIG_CRYPTO_DRBG_HASH +#endif +#ifdef CONFIG_CRYPTO_DRBG_HASH drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr); -#else +#endif +#ifdef CONFIG_CRYPTO_DRBG_HMAC drbg_convert_tfm_core("drbg_nopr_hmac_sha256", &coreref, &pr); #endif
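
Review bot: in drbg_healthcheck_sanity() (patch 1/4), turning the final "#else" into "#ifdef CONFIG_CRYPTO_DRBG_HMAC" drops the unconditional fallback, so a build with none of the three options set no longer calls drbg_convert_tfm_core() in this block and coreref and pr keep whatever they held before it. If Kconfig guarantees that at least one DRBG type is always enabled, say so in a comment here; otherwise keep a default branch. The selection now also depends on the three calls overwriting each other in source order, so a one-line comment above the block, for example "last enabled type wins: CTR, then HASH, then HMAC", would keep a later reorder from silently changing which DRBG is health checked.
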

From: Dimitri John Ledkov
To: Herbert Xu, "David S. Miller"
Cc: smueller@chronox.de, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v2 2/4] crypto: drbg - update FIPS CTR self-checks to aes256
Date: Mon, 30 Oct 2023 14:05:14 +0200
Message-Id: <20231030120517.39424-3-dimitri.ledkov@canonical.com>
In-Reply-To: <20231030120517.39424-1-dimitri.ledkov@canonical.com>
References: <20231029204823.663930-1-dimitri.ledkov@canonical.com> <20231030120517.39424-1-dimitri.ledkov@canonical.com>

When originally drbg was introduced, FIPS self-checks for all types but CTR were using the most preferred parameters for each type of DRBG.

Update CTR self-check to use aes256.

This patch updates code from 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit Generator"), but is not interesting to cherry-pick for stable updates, because it doesn't affect regular builds, nor has any tangible effect on FIPS certification.

Signed-off-by: Dimitri John Ledkov Reviewed-by: Stephan Mueller --- crypto/drbg.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 2cce18dcfc..b120e2866b 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c
@@ -1478,8 +1478,8 @@ static int drbg_generate(struct drbg_state *drbg, err = alg_test("drbg_pr_hmac_sha256", "drbg_pr_hmac_sha256", 0, 0); else if (drbg->core->flags & DRBG_CTR) - err = alg_test("drbg_pr_ctr_aes128", - "drbg_pr_ctr_aes128", 0, 0); + err = alg_test("drbg_pr_ctr_aes256", + "drbg_pr_ctr_aes256", 0, 0); else err = alg_test("drbg_pr_sha256", "drbg_pr_sha256", 0, 0); 
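
Review bot: in the CTR branch of the self test in drbg_generate(), the name "drbg_pr_ctr_aes256" is written out twice on adjacent lines, and the same choice is repeated as "drbg_nopr_ctr_aes256" in drbg_healthcheck_sanity(), with nothing tying either string to the preference order the series is aligning them with. Consider one define per DRBG type for the preferred core name, or at least a short comment at each site pointing at the other, so the self test and the health check cannot drift apart again.
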
@@ -2017,7 +2017,7 @@ static inline int __init drbg_healthcheck_sanity(void) return 0; #ifdef CONFIG_CRYPTO_DRBG_CTR - drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr); + drbg_convert_tfm_core("drbg_nopr_ctr_aes256", &coreref, &pr); #endif #ifdef CONFIG_CRYPTO_DRBG_HASH drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr);
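
Review bot: in drbg_healthcheck_sanity() (second hunk of patch 2/4), the aes256 name selected under CONFIG_CRYPTO_DRBG_CTR is passed through the same &coreref and &pr as the CONFIG_CRYPTO_DRBG_HASH call in the context lines right after it, so whenever HASH (or HMAC, after patch 1/4) is also enabled the CTR choice is overwritten before it is used. The commit message should say that this line only reaches the health check in builds where CTR is the only type enabled, so nobody reads the change as adding a CTR health check alongside the others.
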

From: Dimitri John Ledkov
To: Herbert Xu, "David S. Miller"
Cc: smueller@chronox.de, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v2 3/4] crypto: drbg - ensure drbg hmac sha512 is used in FIPS selftests
Date: Mon, 30 Oct 2023 14:05:15 +0200
Message-Id: <20231030120517.39424-4-dimitri.ledkov@canonical.com>
In-Reply-To: <20231030120517.39424-1-dimitri.ledkov@canonical.com>
References: <20231029204823.663930-1-dimitri.ledkov@canonical.com> <20231030120517.39424-1-dimitri.ledkov@canonical.com>

Update code comment, self test & healthcheck to use HMAC SHA512, instead of HMAC SHA256. These changes are in dead-code, or FIPS enabled code-paths only and have no effect on usual kernel builds.

On systems booting in FIPS mode that has the effect of switching the sanity selftest to HMAC sha512 based (which has been the default DRBG).

This patch updates code from 9b7b94683a ("crypto: DRBG - switch to HMAC SHA512 DRBG as default DRBG"), but is not interesting to cherry-pick for stable updates, because it doesn't affect regular builds, nor has any tangible effect on FIPS certification.

Signed-off-by: Dimitri John Ledkov Reviewed-by: Stephan Mueller --- crypto/drbg.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c index b120e2866b..99666193d9 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -111,9 +111,9 @@ * as stdrng. Each DRBG receives an increasing cra_priority values the later * they are defined in this array (see drbg_fill_array). * - * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and - * the SHA256 / AES 256 over other ciphers. Thus, the favored - * DRBGs are the latest entries in this array. + * HMAC DRBGs are favored over Hash DRBGs over CTR DRBGs, and the + * HMAC-SHA512 / SHA256 / AES 256 over other ciphers. Thus, the + * favored DRBGs are the latest entries in this array. */ static const struct drbg_core drbg_cores[] = { #ifdef CONFIG_CRYPTO_DRBG_CTR @@ -1475,8 +1475,8 @@ static int drbg_generate(struct drbg_state *drbg, int err = 0; pr_devel("DRBG: start to perform self test\n"); if (drbg->core->flags & DRBG_HMAC) - err = alg_test("drbg_pr_hmac_sha256", - "drbg_pr_hmac_sha256", 0, 0); + err = alg_test("drbg_pr_hmac_sha512", + "drbg_pr_hmac_sha512", 0, 0); else if (drbg->core->flags & DRBG_CTR) err = alg_test("drbg_pr_ctr_aes256", "drbg_pr_ctr_aes256", 0, 0); 
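
Review bot: in the comment above drbg_cores[] (first hunk of patch 3/4), the new wording "HMAC-SHA512 / SHA256 / AES 256 over other ciphers" does not say which DRBG type each parameter belongs to and can be read as SHA256 being a second HMAC option. If the intent is the per-type preference used by the names in drbg_generate() and drbg_healthcheck_sanity(), spell it out, for example "HMAC DRBG with SHA-512, Hash DRBG with SHA-256 and CTR DRBG with AES-256 are favored over the other parameters of their type".
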
@@ -2023,7 +2023,7 @@ static inline int __init drbg_healthcheck_sanity(void) drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr); #endif #ifdef CONFIG_CRYPTO_DRBG_HMAC - drbg_convert_tfm_core("drbg_nopr_hmac_sha256", &coreref, &pr); + drbg_convert_tfm_core("drbg_nopr_hmac_sha512", &coreref, &pr); #endif drbg = kzalloc(sizeof(struct drbg_state), GFP_KERNEL);
From: Dimitri John Ledkov
To: Herbert Xu, "David S. Miller", Maxime Coquelin, Alexandre Torgue
Cc: smueller@chronox.de, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, linux-stm32@st-md-mailman.stormreply.com, linux-arm-kernel@lists.infradead.org
Subject: [PATCH v2 4/4] crypto: drbg - Remove SHA1 from drbg
Date: Mon, 30 Oct 2023 14:05:16 +0200
Message-Id: <20231030120517.39424-5-dimitri.ledkov@canonical.com>
In-Reply-To: <20231030120517.39424-1-dimitri.ledkov@canonical.com>
References: <20231029204823.663930-1-dimitri.ledkov@canonical.com> <20231030120517.39424-1-dimitri.ledkov@canonical.com>

SP800-90C 3rd draft states that SHA-1 will be removed from all specifications, including drbg by end of 2030. Given kernels built today will be operating past that date, start complying with upcoming requirements.

No functional change, as SHA-256 / SHA-512 based DRBG have always been the preferred ones.

Signed-off-by: Dimitri John Ledkov
Reviewed-by: Stephan Mueller
--- crypto/drbg.c | 16 ---------------- crypto/testmgr.c | 25 ++++--------------------- 2 files changed, 4 insertions(+), 37 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 99666193d9..bccadaedcf 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c
@@ -139,12 +139,6 @@ static const struct drbg_core drbg_cores[] = { #endif /* CONFIG_CRYPTO_DRBG_CTR */ #ifdef CONFIG_CRYPTO_DRBG_HASH { - .flags = DRBG_HASH | DRBG_STRENGTH128, - .statelen = 55, /* 440 bits */ - .blocklen_bytes = 20, - .cra_name = "sha1", - .backend_cra_name = "sha1", - }, { .flags = DRBG_HASH | DRBG_STRENGTH256, .statelen = 111, /* 888 bits */ .blocklen_bytes = 48, @@ -166,12 +160,6 @@ static const struct drbg_core drbg_cores[] = { #endif /* CONFIG_CRYPTO_DRBG_HASH */ #ifdef CONFIG_CRYPTO_DRBG_HMAC { - .flags = DRBG_HMAC | DRBG_STRENGTH128, - .statelen = 20, /* block length of cipher */ - .blocklen_bytes = 20, - .cra_name = "hmac_sha1", - .backend_cra_name = "hmac(sha1)", - }, { .flags = DRBG_HMAC | DRBG_STRENGTH256, .statelen = 48, /* block length of cipher */ .blocklen_bytes = 48, @@ -648,8 +636,6 @@ MODULE_ALIAS_CRYPTO("drbg_pr_hmac_sha384"); MODULE_ALIAS_CRYPTO("drbg_nopr_hmac_sha384"); MODULE_ALIAS_CRYPTO("drbg_pr_hmac_sha256"); MODULE_ALIAS_CRYPTO("drbg_nopr_hmac_sha256"); -MODULE_ALIAS_CRYPTO("drbg_pr_hmac_sha1"); -MODULE_ALIAS_CRYPTO("drbg_nopr_hmac_sha1"); /* update function of HMAC DRBG as defined in 10.1.2.2 */ static int drbg_hmac_update(struct drbg_state *drbg, struct list_head *seed, @@ -768,8 +754,6 @@ MODULE_ALIAS_CRYPTO("drbg_pr_sha384"); MODULE_ALIAS_CRYPTO("drbg_nopr_sha384"); MODULE_ALIAS_CRYPTO("drbg_pr_sha256"); MODULE_ALIAS_CRYPTO("drbg_nopr_sha256"); -MODULE_ALIAS_CRYPTO("drbg_pr_sha1"); -MODULE_ALIAS_CRYPTO("drbg_nopr_sha1"); /* * Increment buffer diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 216878c8bc..209b21ef79 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c 
@@ -4849,14 +4849,6 @@ static const struct alg_test_desc alg_test_descs[] = { .suite = { .drbg = __VECS(drbg_nopr_ctr_aes256_tv_template) } - }, { - /* - * There is no need to specifically test the DRBG with every - * backend cipher -- covered by drbg_nopr_hmac_sha256 test - */ - .alg = "drbg_nopr_hmac_sha1", - .fips_allowed = 1, - .test = alg_test_null, }, { .alg = "drbg_nopr_hmac_sha256", .test = alg_test_drbg, @@ -4865,7 +4857,10 @@ static const struct alg_test_desc alg_test_descs[] = { .drbg = __VECS(drbg_nopr_hmac_sha256_tv_template) } }, { - /* covered by drbg_nopr_hmac_sha256 test */ + /* + * There is no need to specifically test the DRBG with every + * backend cipher -- covered by drbg_nopr_hmac_sha512 test + */ .alg = "drbg_nopr_hmac_sha384", .test = alg_test_null, }, { @@ -4875,10 +4870,6 @@ static const struct alg_test_desc alg_test_descs[] = { .suite = { .drbg = __VECS(drbg_nopr_hmac_sha512_tv_template) } - }, { - .alg = "drbg_nopr_sha1", - .fips_allowed = 1, - .test = alg_test_null, }, { .alg = "drbg_nopr_sha256", .test = alg_test_drbg, @@ -4910,10 +4901,6 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "drbg_pr_ctr_aes256", .fips_allowed = 1, .test = alg_test_null, - }, { - .alg = "drbg_pr_hmac_sha1", - .fips_allowed = 1, - .test = alg_test_null, }, { .alg = "drbg_pr_hmac_sha256", .test = alg_test_drbg, @@ -4929,10 +4916,6 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "drbg_pr_hmac_sha512", .test = alg_test_null, .fips_allowed = 1, - }, { - .alg = "drbg_pr_sha1", - .fips_allowed = 1, - .test = alg_test_null, }, { .alg = "drbg_pr_sha256", .test = alg_test_drbg,
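Review bot: The commit message says "No functional change", but the crypto/drbg.c hunks at -648 and -768 drop MODULE_ALIAS_CRYPTO("drbg_pr_hmac_sha1"), MODULE_ALIAS_CRYPTO("drbg_nopr_hmac_sha1"), MODULE_ALIAS_CRYPTO("drbg_pr_sha1") and MODULE_ALIAS_CRYPTO("drbg_nopr_sha1"), and the -139 and -166 hunks drop the matching "sha1" and "hmac_sha1" entries from drbg_cores[]. Any caller that requests one of those four names by string will no longer get a DRBG instance, which is a user-visible change even if the SHA-256 / SHA-512 variants were the preferred ones. Please reword the commit message to say that these four algorithm names are removed, and state whether any remaining in-tree user of them was checked for.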
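Review bot: In the crypto/testmgr.c hunk at -4865, the comment on the "drbg_nopr_hmac_sha384" entry is not just moved from the removed "drbg_nopr_hmac_sha1" entry, it also changes the referenced covering test from drbg_nopr_hmac_sha256 to drbg_nopr_hmac_sha512. The commit message does not mention this, and both the sha256 and sha512 entries visible in the surrounding context run alg_test_drbg with their own vector templates, so either reference would hold. Keep the original "covered by drbg_nopr_hmac_sha256 test" wording when relocating the longer comment, or add a sentence to the commit message explaining why the reference now points at sha512.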